Example 91 with CipherInputStream
use of javax.crypto.CipherInputStream in project apjp by jvansteirteghem.
the class HTTPSServlet method doPost.
public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
try {
httpServletResponse.setStatus(200);
for (int i = 0; i < APJP_REMOTE_HTTPS_SERVER_RESPONSE_PROPERTY_KEY.length; i = i + 1) {
if (APJP_REMOTE_HTTPS_SERVER_RESPONSE_PROPERTY_KEY[i].equalsIgnoreCase("") == false) {
httpServletResponse.addHeader(APJP_REMOTE_HTTPS_SERVER_RESPONSE_PROPERTY_KEY[i], APJP_REMOTE_HTTPS_SERVER_RESPONSE_PROPERTY_VALUE[i]);
}
}
SecretKeySpec secretKeySpec = new SecretKeySpec(APJP_KEY.getBytes(), "ARCFOUR");
Cipher inputStreamCipher = Cipher.getInstance("ARCFOUR");
inputStreamCipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
CipherInputStream httpRequestInputStream = new CipherInputStream(httpServletRequest.getInputStream(), inputStreamCipher);
Cipher outputStreamCipher = Cipher.getInstance("ARCFOUR");
outputStreamCipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
CipherOutputStream httpResponseOutputStream = new CipherOutputStream(httpServletResponse.getOutputStream(), outputStreamCipher);
HTTPRequestMessage httpRequestMessage1 = new HTTPRequestMessage(httpRequestInputStream);
httpRequestMessage1.read();
HTTPSRequest httpsRequest1 = new HTTPSRequest(httpRequestMessage1);
httpsRequest1.open();
try {
HTTPResponseMessage httpResponseMessage1 = httpsRequest1.getHTTPResponseMessage();
HTTPMessageHeader[] httpResponseMessage1Headers1 = httpResponseMessage1.getHTTPMessageHeaders();
HTTPMessageHeader httpResponseMessage1Header1 = httpResponseMessage1Headers1[0];
String httpResponseMessage1Header1Key1 = httpResponseMessage1Header1.getKey();
String httpResponseMessage1Header1Value1 = httpResponseMessage1Header1.getValue();
httpResponseOutputStream.write((httpResponseMessage1Header1Value1 + "\r\n").getBytes());
for (int i = 1; i < httpResponseMessage1Headers1.length; i = i + 1) {
httpResponseMessage1Header1 = httpResponseMessage1Headers1[i];
httpResponseMessage1Header1Key1 = httpResponseMessage1Header1.getKey();
httpResponseMessage1Header1Value1 = httpResponseMessage1Header1.getValue();
httpResponseOutputStream.write((httpResponseMessage1Header1Key1 + ": " + httpResponseMessage1Header1Value1 + "\r\n").getBytes());
}
httpResponseOutputStream.write(("\r\n").getBytes());
httpResponseMessage1.read(httpResponseOutputStream);
} catch (Exception e) {
throw e;
} finally {
try {
httpsRequest1.close();
} catch (Exception e) {
}
}
} catch (Exception e) {
logger.log(Level.INFO, "EXCEPTION", e);
httpServletResponse.setStatus(500);
}
}
Also used :
HTTPRequestMessage(APJP.HTTP11.HTTPRequestMessage)
CipherOutputStream(javax.crypto.CipherOutputStream)
HTTPSRequest(APJP.HTTP11.HTTPSRequest)
CipherInputStream(javax.crypto.CipherInputStream)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
HTTPResponseMessage(APJP.HTTP11.HTTPResponseMessage)
Cipher(javax.crypto.Cipher)
HTTPMessageHeader(APJP.HTTP11.HTTPMessageHeader)
ServletException(javax.servlet.ServletException)
IOException(java.io.IOException)
Example 92 with CipherInputStream
use of javax.crypto.CipherInputStream in project apjp by jvansteirteghem.
the class HTTPServlet method doPost.
public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
try {
httpServletResponse.setStatus(200);
for (int i = 0; i < APJP_REMOTE_HTTP_SERVER_RESPONSE_PROPERTY_KEY.length; i = i + 1) {
if (APJP_REMOTE_HTTP_SERVER_RESPONSE_PROPERTY_KEY[i].equalsIgnoreCase("") == false) {
httpServletResponse.addHeader(APJP_REMOTE_HTTP_SERVER_RESPONSE_PROPERTY_KEY[i], APJP_REMOTE_HTTP_SERVER_RESPONSE_PROPERTY_VALUE[i]);
}
}
SecretKeySpec secretKeySpec = new SecretKeySpec(APJP_KEY.getBytes(), "ARCFOUR");
Cipher inputStreamCipher = Cipher.getInstance("ARCFOUR");
inputStreamCipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
CipherInputStream httpRequestInputStream = new CipherInputStream(httpServletRequest.getInputStream(), inputStreamCipher);
Cipher outputStreamCipher = Cipher.getInstance("ARCFOUR");
outputStreamCipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
CipherOutputStream httpResponseOutputStream = new CipherOutputStream(httpServletResponse.getOutputStream(), outputStreamCipher);
HTTPRequestMessage httpRequestMessage1 = new HTTPRequestMessage(httpRequestInputStream);
httpRequestMessage1.read();
HTTPRequest httpRequest1 = new HTTPRequest(httpRequestMessage1);
httpRequest1.open();
try {
HTTPResponseMessage httpResponseMessage1 = httpRequest1.getHTTPResponseMessage();
HTTPMessageHeader[] httpResponseMessage1Headers1 = httpResponseMessage1.getHTTPMessageHeaders();
HTTPMessageHeader httpResponseMessage1Header1 = httpResponseMessage1Headers1[0];
String httpResponseMessage1Header1Key1 = httpResponseMessage1Header1.getKey();
String httpResponseMessage1Header1Value1 = httpResponseMessage1Header1.getValue();
httpResponseOutputStream.write((httpResponseMessage1Header1Value1 + "\r\n").getBytes());
for (int i = 1; i < httpResponseMessage1Headers1.length; i = i + 1) {
httpResponseMessage1Header1 = httpResponseMessage1Headers1[i];
httpResponseMessage1Header1Key1 = httpResponseMessage1Header1.getKey();
httpResponseMessage1Header1Value1 = httpResponseMessage1Header1.getValue();
httpResponseOutputStream.write((httpResponseMessage1Header1Key1 + ": " + httpResponseMessage1Header1Value1 + "\r\n").getBytes());
}
httpResponseOutputStream.write(("\r\n").getBytes());
httpResponseMessage1.read(httpResponseOutputStream);
} catch (Exception e) {
throw e;
} finally {
try {
httpRequest1.close();
} catch (Exception e) {
}
}
} catch (Exception e) {
logger.log(Level.INFO, "EXCEPTION", e);
httpServletResponse.setStatus(500);
}
}
Also used :
HTTPRequestMessage(APJP.HTTP11.HTTPRequestMessage)
CipherOutputStream(javax.crypto.CipherOutputStream)
HTTPRequest(APJP.HTTP11.HTTPRequest)
CipherInputStream(javax.crypto.CipherInputStream)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
HTTPResponseMessage(APJP.HTTP11.HTTPResponseMessage)
Cipher(javax.crypto.Cipher)
HTTPMessageHeader(APJP.HTTP11.HTTPMessageHeader)
ServletException(javax.servlet.ServletException)
IOException(java.io.IOException)
Example 93 with CipherInputStream
use of javax.crypto.CipherInputStream in project ontrack by nemerosa.
the class FileConfidentialStore method load.
/**
* Reverse operation of {@link #store(String, byte[])}
*
* @return null the data has not been previously persisted.
*/
@Override
public byte[] load(String key) throws IOException {
CipherInputStream cis = null;
FileInputStream fis = null;
try {
File f = getFileFor(key);
if (!f.exists())
return null;
Cipher sym = Cipher.getInstance("AES");
sym.init(Cipher.DECRYPT_MODE, masterKey);
cis = new CipherInputStream(fis = new FileInputStream(f), sym);
byte[] bytes = IOUtils.toByteArray(cis);
return verifyMagic(bytes);
} catch (GeneralSecurityException e) {
throw new IOException("Failed to persist the key: " + key, e);
} finally {
IOUtils.closeQuietly(cis);
IOUtils.closeQuietly(fis);
}
}
Also used :
CipherInputStream(javax.crypto.CipherInputStream)
GeneralSecurityException(java.security.GeneralSecurityException)
Cipher(javax.crypto.Cipher)
IOException(java.io.IOException)
File(java.io.File)
FileInputStream(java.io.FileInputStream)
Example 94 with CipherInputStream
use of javax.crypto.CipherInputStream in project lobcder by skoulouzis.
the class DesEncrypter method decrypt.
public void decrypt(InputStream in, OutputStream out) throws IOException {
InputStream cipherIn = null;
try {
int read;
cipherIn = new CipherInputStream(in, dcipher);
byte[] copyBuffer = new byte[Constants.BUF_SIZE];
while ((read = cipherIn.read(copyBuffer, 0, copyBuffer.length)) != -1) {
out.write(copyBuffer, 0, read);
}
} finally {
try {
cipherIn.close();
} finally {
out.close();
}
}
// try {
// cipherIn = new CipherInputStream(in, dcipher);
// CircularStreamBufferTransferer cBuff = new CircularStreamBufferTransferer((Constants.BUF_SIZE), cipherIn, out);
// cBuff.startTransfer(new Long(-1));
// } catch (Exception ex) {
// throw new IOException(ex);
// } finally {
// if (out != null) {
// try {
// out.flush();
// out.close();
// } catch (java.io.IOException ex) {
// }
// }
// if (cipherIn != null) {
// cipherIn.close();
// }
// }
}
Also used :
CipherInputStream(javax.crypto.CipherInputStream)
CipherInputStream(javax.crypto.CipherInputStream)
InputStream(java.io.InputStream)
Example 95 with CipherInputStream
use of javax.crypto.CipherInputStream in project wycheproof by google.
the class CipherInputStreamTest method testCorruptDecrypt.
/**
* JDK-8016171 : CipherInputStream masks ciphertext tampering with AEAD ciphers in decrypt mode
* Further description of the bug is here:
* https://blog.heckel.xyz/2014/03/01/cipherinputstream-for-aead-modes-is-broken-in-jdk7-gcm/
* BouncyCastle claims that this bug is fixed in version 1.51. However, the test below still fails
* with BouncyCastle v 1.52. A possible explanation is that BouncyCastle has its own
* implemenatation of CipherInputStream (org.bouncycastle.crypto.io.CipherInputStream).
*
* @param tests an iterable with valid test vectors, that will be corrupted for the test
* @param acceptEmptyPlaintext determines whether an empty plaintext instead of an exception
* is acceptable.
*/
@SuppressWarnings("InsecureCryptoUsage")
public void testCorruptDecrypt(Iterable<TestVector> tests, boolean acceptEmptyPlaintext) throws Exception {
for (TestVector t : tests) {
Cipher cipher = Cipher.getInstance(t.algorithm);
cipher.init(Cipher.DECRYPT_MODE, t.key, t.params);
cipher.updateAAD(t.aad);
byte[] ct = Arrays.copyOf(t.ct, t.ct.length);
ct[ct.length - 1] ^= (byte) 1;
InputStream is = new ByteArrayInputStream(ct);
CipherInputStream cis = new CipherInputStream(is, cipher);
try {
byte[] result = new byte[t.pt.length];
int totalLength = 0;
int length = 0;
do {
length = cis.read(result, totalLength, result.length - totalLength);
if (length > 0) {
totalLength += length;
}
} while (length >= 0 && totalLength != result.length);
cis.close();
if (result.length > 0) {
fail("this should fail; decrypted:" + TestUtil.bytesToHex(result) + " pt: " + TestUtil.bytesToHex(t.pt));
} else if (result.length == 0 && !acceptEmptyPlaintext) {
fail("Corrupted ciphertext returns empty plaintext");
}
} catch (IOException ex) {
// expected
}
}
}
Also used :
CipherInputStream(javax.crypto.CipherInputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
CipherInputStream(javax.crypto.CipherInputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
Cipher(javax.crypto.Cipher)
IOException(java.io.IOException)
Aggregations
CipherInputStream (javax.crypto.CipherInputStream)102
Cipher (javax.crypto.Cipher)66
IOException (java.io.IOException)42
InputStream (java.io.InputStream)32
ByteArrayInputStream (java.io.ByteArrayInputStream)30
IvParameterSpec (javax.crypto.spec.IvParameterSpec)21
SecretKeySpec (javax.crypto.spec.SecretKeySpec)21
FileInputStream (java.io.FileInputStream)19
InvalidKeyException (java.security.InvalidKeyException)16
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)15
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)13
NoSuchPaddingException (javax.crypto.NoSuchPaddingException)12
ByteArrayOutputStream (java.io.ByteArrayOutputStream)11
NullCipher (javax.crypto.NullCipher)11
DataInputStream (java.io.DataInputStream)9
RuntimeException (java.lang.RuntimeException)9
GeneralSecurityException (java.security.GeneralSecurityException)9
CipherOutputStream (javax.crypto.CipherOutputStream)8
BufferedInputStream (java.io.BufferedInputStream)7
Key (java.security.Key)7
